schmalz/shared-actions
15
0
Fork 0
Code Issues Pull requests 1 Releases Packages Activity Actions

fix: force public npm registry for pnpm self-installer bootstrap
All checks were successful
Aikido Security PR Check / Aikido Security Scan (pull_request) Successful in 40s
Details
validate-shared-actions / validate-shared-actions (pull_request) Successful in 39s
Details

Browse source 
pnpm/action-setup bootstraps itself via npm before pnpm is available.
If a repo has a custom registry in .npmrc (e.g. pointing to JFrog or
Nexus), the self-installer tries to fetch pnpm from that registry
without credentials and fails with exit code 1.

Setting NPM_CONFIG_REGISTRY overrides .npmrc for this step only,
ensuring pnpm is always fetched from the public registry. Private
registry auth is configured in subsequent steps once pnpm is ready.
This commit is contained in:
Michael.Seele@schmalz.de 2026-05-22 09:29:42 +02:00
parent 97d17f46e8
commit 6dc474f759
1 changed files with 6 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

6
pnpm-build/action.yml
View file

@ -50,6 +50,12 @@ runs:
# pnpm/action-setup v4.3.0 — https://code.forgejo.org/pnpm/action-setup/commits/tag/v4.3.0
- name: Install pnpm
uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1
env:
# Override any registry configured in .npmrc (e.g. JFrog or Nexus).
# pnpm/action-setup bootstraps itself via npm before pnpm is available,
# so it must reach the public npm registry. Auth for private registries
# is configured in a later step, after pnpm is installed.
NPM_CONFIG_REGISTRY: https://registry.npmjs.org
with:
version: ${{ inputs.pnpm-version }}